Fix systemd conversion. Upgrades from SysV to systemd weren't properly
enabling the systemd service. Fix a serious memory leak in the memberOf plugin Fix an issue where the user's full name would sometimes be removed from the cache
This commit is contained in:
parent
7dcee20614
commit
d895a5f72c
26
0001-memberof-fix-calculation-of-replaced-members.patch
Normal file
26
0001-memberof-fix-calculation-of-replaced-members.patch
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
>From c4236347f6c807793bd5c8c6a7432c0e9a2e78c2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Simo Sorce <ssorce@redhat.com>
|
||||||
|
Date: Wed, 13 Apr 2011 15:21:32 -0400
|
||||||
|
Subject: [PATCH 2/3] memberof: fix calculation of replaced members
|
||||||
|
|
||||||
|
We were skipping the check on the next value in the added list when a match
|
||||||
|
was found for the currentr value being checked.
|
||||||
|
---
|
||||||
|
src/ldb_modules/memberof.c | 1 +
|
||||||
|
1 files changed, 1 insertions(+), 0 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/ldb_modules/memberof.c b/src/ldb_modules/memberof.c
|
||||||
|
index 55c52fdcbbfccb7607190e21954a1439dc8fa57e..41ea0b344e951ffc47a4882896671bd9b37e1719 100644
|
||||||
|
--- a/src/ldb_modules/memberof.c
|
||||||
|
+++ b/src/ldb_modules/memberof.c
|
||||||
|
@@ -2727,6 +2727,7 @@ static int mbof_mod_process(struct mbof_mod_ctx *mod_ctx, bool *done)
|
||||||
|
added->dns[j] = added->dns[j+1];
|
||||||
|
}
|
||||||
|
added->num--;
|
||||||
|
+ i--;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
--
|
||||||
|
1.7.4.2
|
||||||
|
|
55
0002-memberof-free-delete-operation-apyload-once-done.patch
Normal file
55
0002-memberof-free-delete-operation-apyload-once-done.patch
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
>From c808473b784459c65a99db8cf519a619df27f45a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Simo Sorce <ssorce@redhat.com>
|
||||||
|
Date: Wed, 13 Apr 2011 17:09:09 -0400
|
||||||
|
Subject: [PATCH] memberof: free delete operation apyload once done
|
||||||
|
|
||||||
|
Large memberof delete operations can cause quite a number of searches
|
||||||
|
and the results are attached to a delop operation structure.
|
||||||
|
Make sure we free this payload once the operation is done and these
|
||||||
|
results are not used anymore so that we get a smaller total memory footprint.
|
||||||
|
---
|
||||||
|
src/ldb_modules/memberof.c | 14 +++++++++++++-
|
||||||
|
1 files changed, 13 insertions(+), 1 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/ldb_modules/memberof.c b/src/ldb_modules/memberof.c
|
||||||
|
index 41ea0b344e951ffc47a4882896671bd9b37e1719..4fc46fa84529ac1850cdb588ddf69be0f60e8238 100644
|
||||||
|
--- a/src/ldb_modules/memberof.c
|
||||||
|
+++ b/src/ldb_modules/memberof.c
|
||||||
|
@@ -1161,6 +1161,7 @@ static int mbof_del_fill_muop(struct mbof_del_ctx *del_ctx,
|
||||||
|
static int mbof_del_muop(struct mbof_del_ctx *ctx);
|
||||||
|
static int mbof_del_muop_callback(struct ldb_request *req,
|
||||||
|
struct ldb_reply *ares);
|
||||||
|
+static void free_delop_contents(struct mbof_del_operation *delop);
|
||||||
|
|
||||||
|
|
||||||
|
static int memberof_del(struct ldb_module *module, struct ldb_request *req)
|
||||||
|
@@ -2182,6 +2183,8 @@ static int mbof_del_progeny(struct mbof_del_operation *delop)
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ free_delop_contents(delop);
|
||||||
|
+
|
||||||
|
if (nextop) {
|
||||||
|
return mbof_del_execute_op(nextop);
|
||||||
|
}
|
||||||
|
@@ -2405,7 +2408,16 @@ static int mbof_del_muop_callback(struct ldb_request *req,
|
||||||
|
return LDB_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
-
|
||||||
|
+/* delop may carry on a lot of memory, so we need a function to clean up
|
||||||
|
+ * the payload without breaking the delop chain */
|
||||||
|
+static void free_delop_contents(struct mbof_del_operation *delop)
|
||||||
|
+{
|
||||||
|
+ talloc_zfree(delop->entry);
|
||||||
|
+ talloc_zfree(delop->parents);
|
||||||
|
+ talloc_zfree(delop->anc_ctx);
|
||||||
|
+ delop->num_parents = 0;
|
||||||
|
+ delop->cur_parent = 0;
|
||||||
|
+}
|
||||||
|
|
||||||
|
/* mod operation */
|
||||||
|
|
||||||
|
--
|
||||||
|
1.7.4.2
|
||||||
|
|
34
0003-Never-remove-gecos-from-the-sysdb-cache.patch
Normal file
34
0003-Never-remove-gecos-from-the-sysdb-cache.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
From 9d5a7dec9eb1201f48f497b3f5355439977f0c88 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Stephen Gallagher <sgallagh@redhat.com>
|
||||||
|
Date: Tue, 12 Apr 2011 12:47:14 -0400
|
||||||
|
Subject: [PATCH] Never remove gecos from the sysdb cache
|
||||||
|
|
||||||
|
Now that gecos can come from either the 'gecos' or 'cn' attributes,
|
||||||
|
we need to ensure that we never remove it from the cache.
|
||||||
|
---
|
||||||
|
src/providers/ldap/ldap_common.c | 9 +++++++++
|
||||||
|
1 files changed, 9 insertions(+), 0 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/providers/ldap/ldap_common.c b/src/providers/ldap/ldap_common.c
|
||||||
|
index ce6d41d5872a6dd474aff4bab8e2920688abda92..29a5820f5c6c765646c43948a9d17fe0016931ed 100644
|
||||||
|
--- a/src/providers/ldap/ldap_common.c
|
||||||
|
+++ b/src/providers/ldap/ldap_common.c
|
||||||
|
@@ -962,6 +962,15 @@ errno_t list_missing_attrs(TALLOC_CTX *mem_ctx,
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* GECOS is another special case. Its value can come
|
||||||
|
+ * either from the 'gecos' attribute or the 'cn'
|
||||||
|
+ * attribute. It's best if we just never remove it.
|
||||||
|
+ */
|
||||||
|
+ if (strcasecmp(sysdb_name, SYSDB_GECOS) == 0) {
|
||||||
|
+ talloc_free(sysdb_name);
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
for (j = 0; j < recvd_attrs->num; j++) {
|
||||||
|
/* Check whether this expected attribute appeared in the
|
||||||
|
* received attributes and had a non-zero number of
|
||||||
|
--
|
||||||
|
1.7.4.2
|
||||||
|
|
49
sssd.spec
49
sssd.spec
@ -7,12 +7,9 @@
|
|||||||
%global ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
|
%global ldb_modulesdir %(pkg-config --variable=modulesdir ldb)
|
||||||
%global ldb_version 1.0.2
|
%global ldb_version 1.0.2
|
||||||
|
|
||||||
# Determine the location of the systemd unit file directory
|
|
||||||
%global systemdunitdir %(pkg-config --variable=systemdsystemunitdir systemd)
|
|
||||||
|
|
||||||
Name: sssd
|
Name: sssd
|
||||||
Version: 1.5.5
|
Version: 1.5.5
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Group: Applications/System
|
Group: Applications/System
|
||||||
Summary: System Security Services Daemon
|
Summary: System Security Services Daemon
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
@ -21,7 +18,9 @@ Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
|
|||||||
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
||||||
|
|
||||||
### Patches ###
|
### Patches ###
|
||||||
|
Patch0001: 0001-memberof-fix-calculation-of-replaced-members.patch
|
||||||
|
Patch0002: 0002-memberof-free-delete-operation-apyload-once-done.patch
|
||||||
|
Patch0003: 0003-Never-remove-gecos-from-the-sysdb-cache.patch
|
||||||
### Dependencies ###
|
### Dependencies ###
|
||||||
|
|
||||||
Requires: libldb = %{ldb_version}
|
Requires: libldb = %{ldb_version}
|
||||||
@ -114,6 +113,10 @@ use with ldap_default_authtok_type = obfuscated_password.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
|
||||||
|
%patch0001 -p1
|
||||||
|
%patch0002 -p1
|
||||||
|
%patch0003 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -ivf
|
autoreconf -ivf
|
||||||
%configure \
|
%configure \
|
||||||
@ -158,8 +161,8 @@ install -m644 src/examples/rwtab $RPM_BUILD_ROOT%{_sysconfdir}/rwtab.d/sssd
|
|||||||
|
|
||||||
# Replace sysv init script with systemd unit file
|
# Replace sysv init script with systemd unit file
|
||||||
rm -f $RPM_BUILD_ROOT/%{_initrddir}/%{name}
|
rm -f $RPM_BUILD_ROOT/%{_initrddir}/%{name}
|
||||||
mkdir -p $RPM_BUILD_ROOT/%{systemdunitdir}/
|
mkdir -p $RPM_BUILD_ROOT/%{_unitdir}/
|
||||||
cp src/sysv/systemd/sssd.service $RPM_BUILD_ROOT/%{systemdunitdir}/
|
cp src/sysv/systemd/sssd.service $RPM_BUILD_ROOT/%{_unitdir}/
|
||||||
|
|
||||||
# Remove .la files created by libtool
|
# Remove .la files created by libtool
|
||||||
rm -f \
|
rm -f \
|
||||||
@ -201,7 +204,7 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%files -f sssd.lang
|
%files -f sssd.lang
|
||||||
%defattr(-,root,root,-)
|
%defattr(-,root,root,-)
|
||||||
%doc COPYING
|
%doc COPYING
|
||||||
%{systemdunitdir}/sssd.service
|
%{_unitdir}/sssd.service
|
||||||
%{_sbindir}/sssd
|
%{_sbindir}/sssd
|
||||||
%{_libexecdir}/%{servicename}/
|
%{_libexecdir}/%{servicename}/
|
||||||
%{_libdir}/%{name}/
|
%{_libdir}/%{name}/
|
||||||
@ -259,25 +262,45 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
|
|
||||||
%post
|
%post
|
||||||
/sbin/ldconfig
|
/sbin/ldconfig
|
||||||
/sbin/chkconfig --add %{servicename}
|
|
||||||
|
|
||||||
if [ $1 -ge 1 ] ; then
|
if [ $1 -ge 1 ] ; then
|
||||||
/sbin/service %{servicename} condrestart 2>&1 > /dev/null
|
# Initial installation
|
||||||
|
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||||
fi
|
fi
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
if [ $1 = 0 ]; then
|
if [ $1 = 0 ]; then
|
||||||
/sbin/service %{servicename} stop 2>&1 > /dev/null
|
# Package removal, not upgrade
|
||||||
/sbin/chkconfig --del %{servicename}
|
/bin/systemctl --no-reload disable sssd.service > /dev/null 2>&1 || :
|
||||||
|
/bin/systemctl stop sssd.service > /dev/null 2>&1 || :
|
||||||
|
fi
|
||||||
|
|
||||||
|
%triggerun -- sssd < 1.5.5-3
|
||||||
|
if /sbin/chkconfig sssd ; then
|
||||||
|
/bin/systemctl --no-reload enable sssd.service >/dev/null 2>&1 || :
|
||||||
fi
|
fi
|
||||||
|
|
||||||
%postun -p /sbin/ldconfig
|
%postun -p /sbin/ldconfig
|
||||||
|
|
||||||
%post client -p /sbin/ldconfig
|
%post client -p /sbin/ldconfig
|
||||||
|
|
||||||
%postun client -p /sbin/ldconfig
|
%postun client
|
||||||
|
/sbin/ldconfig
|
||||||
|
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||||
|
if [ $1 -ge 1 ] ; then
|
||||||
|
# On upgrade, reload init system configuration if we changed unit files
|
||||||
|
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||||
|
/bin/systemctl try-restart sssd.service >/dev/null 2>&1 || :
|
||||||
|
fi
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Apr 14 2011 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-3
|
||||||
|
- Fix systemd conversion. Upgrades from SysV to systemd weren't properly
|
||||||
|
- enabling the systemd service.
|
||||||
|
- Fix a serious memory leak in the memberOf plugin
|
||||||
|
- Fix an issue where the user's full name would sometimes be removed
|
||||||
|
- from the cache
|
||||||
|
|
||||||
* Tue Apr 12 2011 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-2
|
* Tue Apr 12 2011 Stephen Gallagher <sgallagh@redhat.com> - 1.5.5-2
|
||||||
- Install systemd unit file instead of sysv init script
|
- Install systemd unit file instead of sysv init script
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user